A Management System for Heterogeneous Networks (MSHN) Security Analysis
NAVAL POSTGRADUATE SCHOOL MONTEREY CA
Pagination or Media Count:
A team of interdisciplinary experts funded by DARPA is in the process of developing a Resource Management System termed MSHN a Management System for Heterogeneous Networks. MSHNs primary function is to accept a sequence of jobs, and intelligently determine what jobs should be executed on which machines and when. It is designed to take both machine affinity and loads into account, thus providing superior performance and Quality of Service QoS. The current prototype of MSHN does not provide protection against the threats of inadvertent disclosure and corruption of sensitive information and resources. A rigorous security analysis of MSHN is the first step required to successfully incorporate security into the MSHN project. The approach taken was to analyze MSHNs architecture, information flow diagrams and user interfaces and explain how fundamental security concepts may be applied to MSHN. By exercising the MSHN simulator, this work was able to expose many security weaknesses and outline conceivable methods of exploitation. As a result of this effort, a security policy tailored to MSHN is proposed, a functional breakout process based on the principle of least privilege between common user interface capabilities and administration capabilities is provided, and finally design recommendations for the incorporation of security into MSHN are presented.
- Computer Systems
- Computer Systems Management and Standards